Firebasecloud~30 mins

Comparison operators (==, <, >, >=, <=) in Firebase - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Using Comparison Operators in Firebase Security Rules

📖 Scenario: You are managing a Firebase Firestore database for a simple blog app. You want to control who can read and write posts based on certain conditions.

🎯 Goal: Write Firebase security rules that use comparison operators ==, <, >, >=, and <= to allow or deny access to posts.

📋 What You'll Learn

Create a rule that allows reading posts only if the post's status is exactly "published".

Add a rule that allows writing a post only if the likes count is less than 100.

Add a rule that allows updating a post only if the views count is greater than or equal to 10.

Add a rule that denies deleting a post if the comments count is greater than 0.

Add a rule that allows reading posts only if the createdAt timestamp is less than or equal to the current time.

💡 Why This Matters

🌍 Real World

Firebase security rules protect your database by controlling who can read or write data based on conditions.

💼 Career

Understanding and writing secure Firebase rules is essential for backend and cloud developers working with Firebase.

Progress0 / 4 steps

Create the base Firestore rules structure

Write the initial Firestore rules with a match block for posts/{postId} and allow read only if resource.data.status == "published".

Firebase

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /posts/{postId} {
      // Your code here
    }
  }
}

Need a hint?

Use resource.data.status == "published" to check the post status.

Add write rule with likes count check

Add an allow write rule inside match /posts/{postId} that permits writing only if request.resource.data.likes < 100.

Firebase

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /posts/{postId} {
      allow read: if resource.data.status == "published";
      // Your code here
    }
  }
}

Need a hint?

Use request.resource.data.likes < 100 to limit writes.

Add update rule with views count check

Add an allow update rule inside match /posts/{postId} that permits updates only if request.resource.data.views >= 10.

Firebase

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /posts/{postId} {
      allow read: if resource.data.status == "published";
      allow write: if request.resource.data.likes < 100;
      // Your code here
    }
  }
}

Need a hint?

Use request.resource.data.views >= 10 to allow updates.

Add delete and read rules with comments and createdAt checks

Add an allow delete rule that denies deletion if resource.data.comments > 0. Also, update the allow read rule to allow reading only if resource.data.createdAt <= request.time and resource.data.status == "published".

Firebase

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /posts/{postId} {
      allow read: if resource.data.status == "published";
      allow write: if request.resource.data.likes = 10;
      // Your code here
    }
  }
}

Need a hint?

Use !(resource.data.comments > 0) to deny deletes if comments exist.
Use resource.data.createdAt <= request.time to check creation time.